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AMENDMENTS TO THE CLAIMS 

This listing of claims will replace all prior versions and listings of claims in the 
application: 

Listing of Claims; 

1. (currently amended) A mobile agent dovioo in a Mobile Virtual Private Notwork, said 
device comprisin g module for providing in a Mobile Virtual Private network mobility for a 
remotely connecting node moving between an external network and an internal network, the 
module comprising : 

a mobile agent device positioned at the ends of the internal network, the mobile ap ent 

adapted for: 

a. termination of a.Mobile IP tunnel from a-the remotely connecting Mobile Node; 

b. termination of an IPSec VPN tunnel from the remotely connecting Mobile Node. 
the IPSec VPN tunnel used for tiuinelling to the mobile agent traffic intended for a 
destination node within the internal nelvvork : 

c. dynamic Seleetiren -selection of an_Internal Mobile IP Home Agent based on user 
Au t hen t icati o n authentication, wherein the mobile agent stores in a mapping table" a 
traffic encapsula tion type used for routing traffic from the mobile agent to the Internal 
Mobile IP Home Agent : 

d. if no traffi c encapsulation type is set in the mapping table, direct routing of the 
traffic from the mobile agent towards the destination node, and otherwise, if a traffic 
encapsulation type is set in the mapping table, tunneling of thc_traffic4o and/or from the 
assigned Int e rnal Mobile Homo A^ c nt tor thia Mobile Node between the mobile agent 
and the selecte d Internal Mobile IP Home Agent prior to routing of the traffic from the 
selected Int ernal Mobile IP Home Agent toward the destination node : and^ 

e. provision of extended authentication, after Mobile IP connection establishment, 
and during the VPN negotiation phase, based on extra user credentialsT orjLone-time- 
password mechanism or similur . 
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2. (currently amended) The deviee -module of Claim 1, wherein the mobile agent device 
appears as a Mobile IP Foreign Agent towards the Internal Mobile IP Home Agent. 

3. (currently amended) The dovice module of Claim 1, wherein the mobile agent device 
appears as a Mobile IP Home Agent towards the remotely connecting Mobile Node. 

4. (currently amended) The devie& -module of Claim 1, wherein the mobile agent device 
provides a dynamically assigned Mobile IP address to the remotely connecting Mobile Node, if 
requested to do so by the remotely connecting Mobile Node. 

5. (currently amended) The devi^^ module of Claim 1, wherein the mobile agent device 
provides a termination point for IKE & IPSec VPN connections from a remotely connecting 
Mobile Node. 

6. (currently amended) The d^iee- module of Claim 1, wherein the traffic encapsulation type 
mo bile aficnt device md the Internal Home Agen t encapsulation . 

7. (currently amended) The devico recited in m odule of Claim 1, wherein the traific 
encapsulation type set in the mappinti table is UDP en c ap s ulated tunneling ia used for tran^ifer of 
traffic between the mobile aa o nt device and th e Internal Homo Aaont encapsulation . 

8. (cancelled) 

9. (currently amended) The device- module of Claim 1 , wherein IP encapsulated tunneling is 
used for transfer of traffic between the remotely connecting mobil e nod e -Mobile Node and the 
mobile agent device. 
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10. (currently amended) The deviee -module of Claim 1, wherein UDP encapsulated tunneling 
is used for transfer of traffic between the remotely connecting mobile node -Mobile Node and the 
mobile agent device. 

11. (currently amended) The deviee^ module of Claim 9 wherein IPSec tunneling is used for 
protection of the transfer of traffic between the remotely connecting m obile node - Mobile Node 
and the mobile agent device, within said encapsulation. 

12. (currently amended) The devie^ modulc of Claim 1, further comprising restriction of user 
access to the internal Mobile IP home agent or to the internal network, until extended user 
authentication is carried out. 

13. (currently amended) The deviee- module of Claim 1, further comprising time and volume 
based accounting ifs-carried out on a per Mobile Node basis. 

1 4. (cancelled) 

15. (currently amended) The d evice module of Claim 10, wherein IPSec tunneling is used for 
protection of the transfer of traffic between the remotely connecting m o biio node Mobile Node 
and the mobile agent device, within said encapsulation. 
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